The California State Supreme Court ruled that merchants cannot ask customers for their ZIP code in processing credit card transactions
A consumer's right to privacy; priceless. The California State Supreme Court ruled recently that it is illegal in that state for merchants to ask customers their ZIP code during a credit card transaction. Their decision underscores that consumers everywhere should be mindful of what kind of information they are asked to provide to merchants.
The court was unanimous in a ruling on a 2008 lawsuit brought by Jessica Pineda against Williams-Sonoma Inc. said that the clerk violated a 1990 California law that prohibits businesses from requesting and recording a credit card holder's "personal identification information," such as a customer's name, address, and postal code, which can be used to locate them, and which are unnecessary to the transaction. There are exceptions, including gas stations, which require ZIP codes for security purposes as well as companies that require the postal code if they are shipping a package.
In her lawsuit, Pineda claimed that she provided her ZIP code to the clerk believing it was necessary to complete the transaction. She later learned, she said, that the store performed a computer search that located her address, which it added to a marketing database.
The law calls for maximum fines of $250 for the first violation and $1,000 for each additional one.
The court's ruling "is good news for people who value their personal privacy," Joe Ridout told millionairecorner.com. Ridout, who is with San Francisco-based Consumer Action, an advocacy non-profit that has been fighting for consumer rights for 40 years, added, "This company was collecting information strictly for marketing purposes and de-anonymizing (information) that should have been anonymous. It was a serious invasion of this woman's privacy. It's very easy for (a company) to monetize personal information. They can sell it to other marketers and use it to increase sales. But it could also be very dangerous. There have been so many instances of stores falling prey to hackers or internal theft. Consumers can wind up (with their identity stolen). People should be concerned.
"We all know why (companies) want it, but why should they be able to get it?" asked Lance Raphael, a partner in the Consumer Advocacy Center, P.C. in Chicago. "The fact of the matter is that every year there is further and further incursion into people's privacy. There is far more legitimate reason not to give (the information) to them. It subjects consumers to heightened risk of loss of their personal identifying information, which nefarious individuals are capable of utilizing for putting together a profile to usurp their identity.
Not 20 minutes before you called, I got a call from a woman with a $12,000 credit card dent; not hers."
The California law was the first of its kind, and, according to Direct Marketing News, it has inspired similar privacy laws in at least 15 other states, including New York, Massachusetts, Pennsylvania, Minnesota, Nevada, New Jersey, and Ohio.
"For those other states that have similar rules regarding credit card transactions, (the California decision) has indirect applicability," Ridout said. "It sends a clear signal that merchants are not entitled to information that is not vital to the transaction. That is something that all responsible merchants should bear in mind. Merchants have to understand there are limits to the information they should be collecting. There are legal limits, too."